The Serial ATA (“SATA”) specification is intended as a high-speed replacement for parallel ATA. Three different speed generations are defined by the SATA specification, namely Generation 1 operating at a transfer rate of 1.5 Gigabits per second (Gbps), Generation 2 operating at 3.0 Gbps, and Generation 3 operating at 6.0 Gbps. The SATA specification defines a point-to-point connection between a host adapter and a storage device controller. An example of a host adapter may be an integrated circuit including a Serial ATA controller with a PCI interface. The term “PCI” stands for “Peripheral Component Interconnect,” which is a local bus standard developed by the Intel® Corporation. An example of a storage device may be a Serial ATA hard-disk drive. This point-to-point connection is not intended to be shared, i.e. on any given channel, another device generally does not compete for bandwidth.
The SATA controller presents itself to the Operating System (“OS”) like a parallel ATA controller. Thus, the SATA controller supports the same commands and the same initialization behavior of a parallel ATA controller. Particularly, Serial ATA presents host software with the same set of task-file programming registers as parallel ATA. However, in Serial ATA these registers are generally not physically located on the disk drive. Instead, the registers have been moved into the host controller with the SATA specification referring to the same as “shadow” registers. By precisely emulating the same register interface to the disk drive, software compatibility is assured.
The SATA specification provides for layering of functions. The lowest layer in the SATA architecture is the Phy (“Physical”) layer, which is responsible for generating actual electrical signals, transmitting the generated electrical signals, and deciphering the received electrical signals. Phy layer capabilities also include signaling of special hard reset signal, detection of host plug/unplug, transition from power management states as well as speed negotiation. In this regard, the SATA specification uses low-voltage differential signaling. Particularly, a signal is not conveyed as the voltage on a conductor relative to a common ground, but as the voltage difference between two adjacent conductors. While the voltage on one conductor is “high”, the voltage on the other conductor is “low”, i.e. each of the two adjacent conductors effectively acts as the inverse of the other. This type of signaling provides noise and crosstalk immunity benefits. Any EMI (Electro-Magnetic Interference), including noise and crosstalk, affecting the adjacent signals by the same amount is subject to differential cancellation at the receiver end.
Above the Phy layer is the Link layer, which is responsible for encoding transmitted data, decoding received data, and basic communications and protocol. A fairly common 8b/10b-encoding scheme is used. An 8-bit byte has 256 different values, which are tabulated in various ASCII (American Standard Code for Information Interchange) tables. A 10-bit byte has 1024 different values. By encoding the 256 possible byte values using a 10-bit field, it is possible to select which 256 values out of the 1024 possible values are utilized in the encoding scheme. The 8b/10b-encoding scheme includes limited run length, DC balance, and the ability to encode special control characters known as primitives.
Primitives are used for signaling special conditions between a transmitter and a receiver, such as SOF (Start of Frame), EOF (End of Frame), ALIGN (used to identify the location of the character boundaries in a bit stream). The Link layer includes (a) “idle” protocol, which establishes communications, (b) “transmit” protocol, which handles transmission of data payload, (c) “receive” protocol, which handles reception of transmitted data payload, and (c) “power management” protocol, which handles entry/exit from two power management states.
The Link layer is also responsible for delivering packets of payload data, which are called Frame Information Structures (FISes). A frame is a group of Dwords that convey information between a host and a device. A Dword may be represented as 32 bits of data, as two adjacent words, or as four adjacent bytes. When shown as bits, the least significant bit is bit 0 and the most significant bit is bit 31, which is tabulated on the left.
The Link layer protocol describes the sequences of primitives that are exchanged between a host and a device and the respective responses to various primitives and conditions. The Link layer protocol is responsible for computing a CRC (Cyclic Redundancy Check) for every FIS data payload transferred. The computed CRC is attached at the end of a FIS that is being transmitted. The Link layer verifies and removes the CRC from every received FIS. To minimize EMI impact on data payload transfers, the Link layer scrambles the payload data in a FIS before it is transmitted over the SATA interface.
Above the Link layer in the SATA architecture is the Transport layer, which constructs (encapsulates) FISes for transmission and decomposes (de-encapsulates) received FISes. When requested to construct (encapsulate) a FIS by a higher layer, the Transport layer (a) gathers FIS content based on the type of FIS requested, (b) places FIS content in the proper order, (c) notifies the Link layer of required frame transmission and passes FIS content to the Link layer, (d) manages Buffer/FIFO (First In First Out) flow and notifies Link layer of required flow control, (e) receives frame receipt acknowledgment from the Link layer, and (f) reports good transmission or errors in transmission to the higher layer. The Transport layer maintains no context in terms of ATA commands or previous FIS content.
The generic form of a FIS includes a FIS header and a FIS body. The FIS header generally consists of a FIS type field value and control field(s). The FIS body contains the data payload. The FIS type field value is contained in the first byte. FIS types include: (a) Register-Host to Device, (b) Register-Device to Host, (c) Data, (d) DMA (Direct memory Access) Activate, (e) PIO (Programmed Input/Output) Setup, (f) Set Device Bits, (g) DMA Setup, and (h) BIST (Built-In Self-Test) Activate. The second byte contains control information for the FIS and has three defined bits and several reserved bits. The three defined bits do not apply to all FISes. The three defined bits include the C (upper) bit, which is a command/control bit, the I bit, which is used to indicate if an interrupt should be triggered, and the D bit, which carries directional information. All fields after the first two bytes of the first word are FIS payload data.
For example, Register-Host to Device has a FIS type value of 0x27, a 0xAA value after scrambling, and a 10b-encoded value of 0101011010 in binary form. The format of Data FIS is identical whether transmitted from host to device or from device to host. Data FIS includes two fields for identifying the FIS type and related control information with the rest being payload data that is being conveyed.
In order to perform high speed cryptographic processing on FISes, two main tasks need to be performed. First, data FISes should be promptly detected and separated from non-data FISes; and second, each detected data FIS should be promptly examined to determine if it includes information that should be cryptographically processed. Cryptographic processing may include the following actions: (a) “bypass true,” which entails passing frames without subjecting the same to encryption/decryption; and (b) “bypass false,” which subjects the frames to encryption/decryption, respectively. A conventional method for performing these operations involves, first, the de-encapsulation of the entire received SATA protocol stack, then, analysis of the de-encapsulated information, and, finally, re-encapsulation of the information into a SATA protocol stack for transmission. This process is inefficient in terms of hardware/software complexity and inherent operation time latency.
A more efficient and less complex means of performing cryptographic processing under the SATA specification is needed. Such cryptographic SATA processing means should be able to encrypt/decrypt selected data streams received at each I/O side (host and device) at high speed. Furthermore, such means should be capable of efficiently distinguishing a received FIS with a data payload that requires cryptographic processing from all others that do not require cryptographic processing.